verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to run local shell commands such as cargo test, npm run build, and ripgrep to provide evidence of task completion and code correctness.
- [COMMAND_EXECUTION]: Delegates the execution of potentially verbose or resource-intensive tasks, such as running test suites and pre-commit hooks, to an external hyperpowers:test-runner agent.
- [PROMPT_INJECTION]: Employs rigid process instructions like 'Iron Law' and 'LOW FREEDOM' to ensure the agent does not shortcut verification steps.
- [PROMPT_INJECTION]: Exhibits an indirect prompt injection surface by processing potentially untrusted data from command outputs and task management tools.
  1. Ingestion points: Command stdout/stderr and bd task success criteria.
  2. Boundary markers: None present.
  3. Capability inventory: Local command execution and delegation to external agents.
  4. Sanitization: No sanitization or validation of external content is performed.
Audit Metadata